Detailed Description

The Set-AppLockerPolicy cmdlet sets the specified GPO to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, then the default is the local GPO.

The input values for the AppLocker policy can be an AppLockerPolicy object or an XML-formatted file containing the AppLocker policy.

Parameters

-Ldap<String>

Specifies the LDAP path of the GPO. It must specify a unique GPO. If this parameter is not specified, then the local AppLocker policy is set.

Aliases

none

Required?

false

Position?

named

Default Value

none

Accept Pipeline Input?

false

Accept Wildcard Characters?

false

-Merge

Merges the rules in the specified AppLocker policy with the AppLocker rules in the target GPO specified in the LDAP path. The merging of policies will remove rules with duplicate rule IDs, and the enforcement setting specified by the AppLocker policy in the target GPO will be preserved. If the Merge parameter is not specified, then the new policy will overwrite the existing policy.

EXAMPLE 3

This example gets the local AppLocker policy, and then merges the policy with the existing AppLocker policy in the GPO specified in the LDAP path. See the Merge parameter description for more details on how two policies are merged.